6840 matches found
Privilege escalation
DISPUTED In ConnectWise Control through 22.9.10032 formerly known as ScreenConnect, after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a different attacker-controlled executable fil...
CVE-2023-25718
In ConnectWise Control through 22.9.10032 formerly known as ScreenConnect, after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a different attacker-controlled executable file. It is...
CVE-2023-25718
ConnectWise Control (through 22.9.10032) has a vulnerability where, after an executable is signed, additional instructions can be appended without invalidating the signature, potentially leading to an attacker-controlled executable being offered to the end user for download and execution. Connect...
CVE-2023-25718
In ConnectWise Control through 22.9.10032 formerly known as ScreenConnect, after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a different attacker-controlled executable file. It is...
Qualcomm 芯片输入验证错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from a transient...
NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities
A previously unknown threat actor dubbed NewsPenguin has been linked to a phishing campaign targeting Pakistani entities by leveraging the upcoming international maritime expo as a lure. "The attacker sent out targeted phishing emails with a weaponized document attached that purports to be an...
Code injection
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable...
CVE-2022-43440 Privilege escalation via manipulated unixcat executable
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable...
CVE-2022-43440 Privilege escalation via manipulated unixcat executable
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable...
PT-2023-13240 · Qualcomm · Snapdragon +14
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a transient denial-of-service in automotive systems, caused by improper input validation while parsing ELF files. There is no...
CVE-2020-24307
An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:M is present...
CVE-2020-24307
An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:M is present...
Design/Logic Flaw
An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:M is present...
The Menace of TrickGate Packer-as-a-Service Spreading Malware Globally
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary TrickGate has bundled several of the most well-known top-distribution malware families, including Trickbot, Maze, Emotet, REvil, CoinMiner, Cobalt Strike, Formbook, Remcos, AgentTesla, and many others...
ESTsoft Alyac 安全漏洞
ESTsoft Alyac is a low-priced comprehensive security software from the Korean company ESTsoft. A security vulnerability exists in ESTsoft Alyac version 2.5.8.645, which originates from a denial-of-service vulnerability in the malware scanning function, which can be exploited by an attacker to sen...
CVE-2020-24307
CVE-2020-24307 affects mRemoteNG v1.76.20. The issue is an improper access control vulnerability that allows privilege escalation through a crafted executable file. The Packet Storm advisory confirms vulnerable version 1.76.20 and lists a fixed version: 1.76.20.24615. Exploitation notes in the pu...
PT-2023-11671 · Mremoteng · Mremoteng
Name of the Vulnerable Software and Affected Versions: mRemoteNG version 1.76.20 Description: An issue in the software allows attackers to escalate privileges via a crafted executable file. There were attempts by third parties to reproduce a scenario where the claimed access of BUILTINUsers:M is...
Monomorph - MD5-Monomorphic Shellcode Packer - All Payloads Have The Same MD5 Hash
════════════════════════════════════╦═══ ╔═╦═╗ ╔═╗ ╔═╗ ╔═╗ ╔═╦═╗ ╔═╗ ╔══╔═╗ ╠═╗ ═╩ ╩ ╩═╚═╝═╩ ╩═╚═╝═╩ ╩ ╩═╚═╝═╩ ╠═╝═╩ ╩═ ════════════════════════════════╩═══════ By Retr0id ═══ MD5-Monomorphic Shellcode Packer ═ ══ USAGE: python3 monomorph.py inputfile outputfile payloadfile What does it do? It...
Design/Logic Flaw
Dell OpenManage Server Administrator OMSA version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated...
CVE-2022-34396
Dell OpenManage Server Administrator OMSA version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated...